The Rise of Cybercrime In Travel: Know the Risks and How to Evade Them

03 Oct 2019

While most of us don’t think twice about plugging our phone into a free charging station or hopping on the free Wi-Fi to check email when travelling, these conveniences come with security and privacy risks that can have devastating consequences for unsuspecting victims. If your team travels for work, you should be mindful of cybercriminals and what you can do to defend against unseen threats and hackers lurking in the shadows at airports and hotels around the world.

 

Device charging can be risky business

Borrowing a charger from a fellow traveller, the hotel front desk or plugging into the complimentary airport charging station might seem harmless, however, hackers can implant malware into charging cables that can remotely hijack devices such as mobile phones and computers. According to the 2019 IBM X-Force Threat Intelligence Index, a growing number of cybercriminals are targeting airports and the malicious technology is small and inexpensive to produce. In this case, the best thing to do is ensure your various charging cables feature high up on your standard list of things to pack whenever you travel.

 

Wi-Fi hotspot or crime hotspot?

In addition to the inflated data charges South Africans face at home, the cost of data escalates even more while abroad. Those of us anxious about “bill shock” is more likely to leave roaming disabled in favour of connecting to free Wi-Fi whenever the opportunity presents itself. Unfamiliar “free” public Wi-Fi networks are a real temptation but joining one can leave you open to many vulnerabilities. The most common of these is the Man In The Middle (MITM) attack – when your device sends data to a website or service, hackers can intercept it so that your private data is exposed. To safeguard against this, be sure the Wi-Fi you’re linking up with is safe and password protected and supplied by a trusted provider. As a rule for using public Wi-Fi networks, avoid sensitive online activities such as Internet banking, don’t interact with strange pop-up windows in your browser and disable Wi-Fi when you don’t need it.

 

Companies are also at risk

In addition to the cybersecurity risks individuals face, companies are also at risk of travelling employees unintentionally compromising enterprise data. Fortunately, there are steps that you can take to reduce the threat of cybercrime and data breaches in the business travel context. Firstly, back up all data and remove sensitive information from travellers’ devices. Ensure that all accounts are protected with strong passwords and lockdown services and ports that are not necessary for the business trip. Additionally, make sure that system and application patches are up-to-date and that the latest version of antivirus software is installed. It is also important to deploy robust encryption for any information that will be carried overseas.

Caleb Barlow, vice president of X-Force Threat Intelligence at IBM said, “People carry a goldmine of data when travelling including passports, payment information, and detailed travel itineraries. When placed in the hands of a cybercriminal, all this information can be patched together into a complete picture of the traveller’s life to inform identity theft, initiate spear-phishing attacks or be sold on the dark web.”

No business is immune from these issues and IT decision-makers must evolve corporate travel policies to include best data security practices for corporate travel. Ramp up efforts by educating employees on the risks and the crucial role their caution plays in protecting the interests of the company they work for. Introduce a company-wide cybersecurity travel policy to ensure your staff knows how to protect themselves and your business while traveling.